Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
File:                     LSNrVIulmiq7JYI0HVYMqJP0l2M.mft (raw, json)
Hash identifier:          wwaG/Wv2Q6hXoOQES4EllsS62vredSvAIAKIKpgw8vA=
Subject key identifier:   FB:98:E1:8F:6E:26:28:79:A6:26:0D:71:FE:1E:CB:90:B2:FA:07:CC
Authority key identifier: 2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63
Certificate issuer:       /CN=2d236b548ba59a2abb2582341d560ca893f49763
Certificate serial:       0196C49504C19FACC2EFC5A2C74457723694
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
Manifest number:          12D6
Signing time:             Mon 12 May 2025 13:00:22 +0000
Manifest this update:     Mon 12 May 2025 13:00:22 +0000
Manifest next update:     Tue 13 May 2025 13:00:22 +0000
Files and hashes:         1: LSNrVIulmiq7JYI0HVYMqJP0l2M.crl (hash: VbMdUXzcNhuKd/DCYFswW1ws/1EMtiC6S2Rbar21bT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 13:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c4:95:04:c1:9f:ac:c2:ef:c5:a2:c7:44:57:72:36:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d236b548ba59a2abb2582341d560ca893f49763
        Validity
            Not Before: May 12 13:00:22 2025 GMT
            Not After : May 13 13:00:22 2025 GMT
        Subject: CN=fb98e18f6e262879a6260d71fe1ecb90b2fa07cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f8:fd:c7:c0:dd:42:86:e5:11:c2:69:f8:2a:
                    2a:0f:8f:4e:6f:36:84:dd:42:5f:47:8c:f4:b0:cb:
                    c1:f5:75:a9:d5:2b:ae:ae:51:0c:88:53:75:38:63:
                    4d:f6:92:41:31:2a:4f:11:17:ae:33:08:6e:bd:0d:
                    9c:07:97:8a:01:e5:82:85:4a:b7:89:d1:bb:b0:b6:
                    9e:6b:c2:e9:68:57:cb:bb:f2:6d:0a:67:4e:42:d7:
                    3a:16:47:ed:28:ef:fa:7f:6f:c6:5a:18:c8:d9:54:
                    5e:f4:6d:71:3b:95:c1:2a:bf:75:8b:8f:96:ea:bd:
                    a2:d4:f8:63:68:c5:39:14:aa:f4:f3:c1:23:ba:19:
                    37:c7:b4:b2:7e:27:ed:ab:29:82:2b:8e:45:4f:07:
                    e9:2c:3d:cc:b9:d7:56:36:72:c7:dc:78:1f:0f:4a:
                    ab:ad:77:4c:1c:82:be:04:6b:46:b0:a0:44:b4:37:
                    2c:d3:ea:f8:bd:1f:77:fa:5f:bb:8c:16:13:49:4a:
                    eb:bb:ba:10:ff:02:82:88:a2:26:1d:6e:ff:85:e6:
                    ef:b0:d9:c6:00:48:a5:a9:0f:d0:a7:cf:30:ab:32:
                    fa:fb:5f:a2:8e:11:a6:83:62:ee:e3:39:e1:75:4b:
                    08:de:99:61:86:98:c2:52:5f:3a:83:47:26:c2:4e:
                    e2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:98:E1:8F:6E:26:28:79:A6:26:0D:71:FE:1E:CB:90:B2:FA:07:CC
            X509v3 Authority Key Identifier:
                keyid:2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:ec:b0:71:ad:37:b7:63:fb:54:51:6e:5e:b3:86:fb:e0:ae:
         fb:47:42:83:61:07:55:bd:c0:f0:1c:21:db:8d:56:6c:1b:ed:
         14:4b:57:89:f3:63:66:46:c7:62:d8:7d:73:ab:f5:d9:20:20:
         bd:e0:61:51:bd:8f:6f:80:16:3f:8e:9d:29:21:59:e8:c2:9c:
         23:dd:ee:3c:af:81:bc:46:2b:b5:82:61:1d:4b:41:de:cd:3d:
         e4:0c:c1:0b:87:c3:e0:c5:48:c6:a2:5d:09:d5:78:19:35:37:
         17:b4:23:ba:14:44:63:b1:1a:80:b1:7c:54:15:87:f8:9a:7e:
         31:af:3f:23:86:2f:5a:53:73:93:87:b1:99:66:86:66:39:e3:
         af:31:81:12:71:76:b6:a6:81:3e:af:91:de:05:f3:88:17:b0:
         fd:b3:31:60:df:c9:2c:ea:cb:09:68:0a:4d:f7:fd:a1:35:7d:
         0a:21:88:8f:e7:1e:e3:9a:7d:a1:68:7a:fa:f5:79:af:0d:4f:
         8f:73:9f:d9:fa:1e:bd:46:31:a2:77:05:d1:1e:91:18:c2:18:
         53:3d:df:a3:a5:54:09:d3:d1:8a:77:6a:5a:93:96:c8:27:95:
         b1:cd:b7:b7:f7:3d:2c:d6:f1:4f:07:8b:83:c6:37:91:7e:21:
         91:ad:f2:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbElQTBn6zC78Wix0RXcjaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjM2YjU0OGJhNTlhMmFiYjI1ODIzNDFkNTYwY2E4OTNm
NDk3NjMwHhcNMjUwNTEyMTMwMDIyWhcNMjUwNTEzMTMwMDIyWjAzMTEwLwYDVQQD
EyhmYjk4ZTE4ZjZlMjYyODc5YTYyNjBkNzFmZTFlY2I5MGIyZmEwN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPj9x8DdQoblEcJp+CoqD49ObzaE
3UJfR4z0sMvB9XWp1SuurlEMiFN1OGNN9pJBMSpPEReuMwhuvQ2cB5eKAeWChUq3
idG7sLaea8LpaFfLu/JtCmdOQtc6FkftKO/6f2/GWhjI2VRe9G1xO5XBKr91i4+W
6r2i1PhjaMU5FKr088Ejuhk3x7SyfiftqymCK45FTwfpLD3MuddWNnLH3HgfD0qr
rXdMHIK+BGtGsKBEtDcs0+r4vR93+l+7jBYTSUrru7oQ/wKCiKImHW7/hebvsNnG
AEilqQ/Qp88wqzL6+1+ijhGmg2Lu4znhdUsI3plhhpjCUl86g0cmwk7iwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuY4Y9uJih5piYNcf4ey5Cy+gfMMB8GA1UdIwQY
MBaAFC0ja1SLpZoquyWCNB1WDKiT9JdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAt
MjU3MTM2OWMyMDJiLzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAtMjU3MTM2OWMyMDJi
LzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAguywca03
t2P7VFFuXrOG++Cu+0dCg2EHVb3A8Bwh241WbBvtFEtXifNjZkbHYth9c6v12SAg
veBhUb2Pb4AWP46dKSFZ6MKcI93uPK+BvEYrtYJhHUtB3s095AzBC4fD4MVIxqJd
CdV4GTU3F7QjuhREY7EagLF8VBWH+Jp+Ma8/I4YvWlNzk4exmWaGZjnjrzGBEnF2
tqaBPq+R3gXziBew/bMxYN/JLOrLCWgKTff9oTV9CiGIj+ce45p9oWh6+vV5rw1P
j3Of2foevUYxoncF0R6RGMIYUz3fo6VUCdPRindqWpOWyCeVsc23t/c9LNbxTweL
g8Y3kX4hka3yrg==
-----END CERTIFICATE-----